Across the Internet, tectonic shifts are taking place, fundamentally changing the way personal data is collected, stored, and transferred, disrupting technological paradigms and markets. On the scale of decades, the costs of producing hardware and software have plunged, and the computational capacity, throughput, and bandwidth of Internet infrastructure has drastically increased. Cloud Computing Models. Fueled by these changes, cloud computing-which provides computational resources, software, and infrastructure as an on-demand service over the Internet-have become a common feature of the current landscape. Numerous products and services used by consumers are built on or integrate with cloud computing platforms. By extending software "into the cloud," today's products and services can offer consumers functionality and conveniences that were not possible fifteen years ago. For example, users are no longer limited by the amount of storage capacity on a device's hard drive; a user can, practically speaking, store an infinite amount of data through a cloud storage service and access it from anywhere over the Internet. Through an Internet connection, mobile and wearable devices with low-powered microprocessors can leverage the power of thousands of servers, neural networks, and machine learning algorithms to perform complex calculations. These features are often seamlessly integrated into a plethora of products and services, and the average consumer may not be aware of the mechanical underpinnings-they "just work." Consumer Data Held by Vendors and Service Providers. Another consequence of the shift towards cloud computing is that Internet companies are increasingly the caretakers and stewards of consumer data. 3 This happens in a few ways. As individuals and organizations use cloud computing services, their personal digital byproducts, such as old emails, messages, photos, and documents, are redundantly stored on vendor-owned infrastructure for indefinite periods of time. Not only is this convenient for consumers, but data has also become a commodity for Internet businesses as they mine and monetize large quantities of data about individuals. In these arrangements, online services may be offered for no cost to the user and subsidized entirely by revenue from advertising. Some of this data is biographic and transactional, including information like first and last names, email addresses, postal addresses, phone numbers, business records, and other information. However, an increasing amount of it could be described as behavioral and inference-based, such as a user's social graph and relations, their interests, personal preferences, browsing history, clickstream, geolocation, the probability they will fall ill 4 or are pregnant, 5 and much more. Needless to say, such data can be very personal and potentially sensitive.
